Exploring Terraform Outputs

Explore the output variables and check on the cluster we created.

Viewing the output file#

We’ll retrieve the nodes of the newly created Kubernetes cluster and see what we got. But, before we do that, we need to create a kubeconfig file that will provide kubectl the information on how to access the cluster. We could do that right away with gcloud, but we’ll make it a bit more complicated.

The structure of a cluster that we'll be viewing later

To create kubeconfig, we need to know the name of the cluster and the region and project in which it’s running. We might have that information in our heads. But, let’s imagine that’s not the case. What if we forgot it, or didn’t pay attention before? That gives us a perfect opportunity to introduce yet another Terraform feature.

We can define outputs with the information we need, as long as that information is available in Terraform state.

Definition of Output.tf

We’re specifying which data should be output by Terraform. Such outputs are generated at the end of the terraform apply process, and we’ll see that later. For now, we’re only interested in the outputs so we can use them to deduce the name of the cluster, the project ID, and the region, so that we can retrieve the credentials for kubeconfig.

If we want to see all the outputs, we can simply refresh. That updates the state file with the information about the physical resources Terraform is tracking and, more importantly, shows us those outputs.

Command to execute terraform refresh

The output, limited to the relevant parts, is as follows.

Output of Terraform refresh

We can clearly see the name of the cluster, the project ID, and the region. But that’s not what we really need. We’re not interested in seeing that information, but rather in using it to construct the command that will retrieve the credentials. We can accomplish that with the terraform output command.

Output of terraform output

We can see that the output is devops-catalog.

Checking the cluster#

Now we know how to retrieve the output of a single value, so let’s use that to construct the command that will retrieve the credentials.

Commands to retrieve credentials

We specified that kubeconfig should be in the current directory by exporting the environment variable KUBECONFIG. Later on, we retrieved the credentials using gcloud. What matters, apart from the obvious need to retrieve the credentials, is that we used terraform output to retrieve the data we need and pass them to gcloud.

The only thing left is to give us admin permissions to the cluster.

Giving permissions to the cluster

Now we should be able to check the cluster that Terraform created for us. We’ll retrieve the nodes using the following commands.

Get nodes in the cluster

The output states that “No resources were found in default namespace.” That’s expected. We retrieved the nodes of the cluster, and we got none. GKE does not allow us to access the control plane. On the other hand, we haven’t yet created worker nodes, so there are none for now.

The cluster is empty for now

Try it yourself#

You can try all of the commands used in this lesson in the code playground below. Press the “Run” button and wait for a few seconds for it to connect.

For ease of use, all of the commands above are combined in main.sh.

Please provide values for the following:
type
Not Specified...
project_id
Not Specified...
private_key_id
Not Specified...
private_key
Not Specified...
client_email
Not Specified...
client_id
Not Specified...
auth_uri
Not Specified...
token_uri
Not Specified...
auth_provider_x509_cert_url
Not Specified...
client_x509_cert_url
Not Specified...
GCP_TF_VAR_state_bucket
Not Specified...
GCP_PROJECT_ID
Not Specified...
TF_VAR_project_id
Not Specified...
/
account.json
main.sh
backend.tf
k8s-control-plane.tf
output.tf
provider.tf
storage.tf
variables.tf
terraform.tfstate
Try it yourself

Creating the Control Plane

Creating Worker Nodes